Ehsan Akhgari
baf73d756f
Bug 1135745 - Disable the reserved-id-macro macro in security/pkix; r=briansmith
2015-02-23 13:40:09 -05:00
Ryan VanderMeulen
fd0387315e
Merge inbound to m-c. a=merge
2015-02-21 16:40:27 -05:00
ffxbld
c2dabe6507
No bug, Automated HPKP preload list update from host bld-linux64-spot-148 - a=hpkp-update
2015-02-21 03:32:26 -08:00
ffxbld
00bf62f9f5
No bug, Automated HSTS preload list update from host bld-linux64-spot-148 - a=hsts-update
2015-02-21 03:32:24 -08:00
André Reinald
256a142a70
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "rules part". r=smichaud
...
--HG--
extra : histedit_source : f703a6a8abbf500cb882263426776fdb138b73a3
2015-02-21 13:06:34 +01:00
André Reinald
70a296a23b
Bug 1083344 - Tighten rules for Mac OS content process sandbox - "core part". r=smichaud
...
--HG--
extra : histedit_source : 3c904474c57dbf086365cc6b26a55c34b2b449ae
2015-02-18 14:10:27 +01:00
Brian Smith
ffe59cf419
Bug 1133618 - Move test SHA1 function to pkixtestutil.cpp. r=mmc
...
--HG--
extra : histedit_source : ef579a4958356a12974b1f0f69ab2d6070ff8e65
2015-02-16 16:37:03 -08:00
Brian Smith
bbf8006735
Bug 1130754 - Make PublicKeyAlgorithm an enum class. r=keeler
...
--HG--
extra : histedit_source : 14d321bc2cbdf749fd05994571ca439ee62ab973
2015-02-14 13:25:09 -08:00
Masatoshi Kimura
2bdace7384
Bug 1127339 - Detect SSLv3-only server in PSM. r=keeler
2015-02-21 17:20:22 +09:00
Cykesiopka
31ea56f770
Bug 1097622 - Add test cases for certs that have notBefore times earlier than the UNIX epoch. r=dkeeler
2015-02-17 06:15:00 -05:00
Cykesiopka
47f24e15e4
Bug 1097622 - Return ERROR_INVALID_TIME when decoding invalid time values. r=dkeeler
2015-02-18 15:56:00 -05:00
Cykesiopka
37b3759ab9
Bug 1097622 - Rename (mE|e)rrorCodeExpired variables to (mE|e)rrorCodeTime. r=dkeeler
2015-02-17 06:12:00 -05:00
Masatoshi Kimura
17cbaa2849
Bug 1133187 - Update fallback whitelist. r=keeler
2015-02-19 04:12:59 +09:00
Masatoshi Kimura
0101cbcbce
Bug 1124039 - Allow RC4 only for whitelisted hosts. r=keeler
2015-02-19 04:12:58 +09:00
Chris Peterson
5ef9f4d21f
Bug 1133283 - Remove nonstandard expression closures from security/manager/ssl/tests. r=keeler
2015-01-24 23:48:22 -08:00
David Keeler
372a8a591d
bug 1123671
- if a non-overridable error is encountered when processing an overridable certificate error, report the non-overridable error r=mmc r=jcj
...
Also, SEC_ERROR_UNTRUSTED_ISSUER and SEC_ERROR_UNTRUSTED_CERT are not actually overridable, so don't pretend they are.
2015-01-23 14:04:44 -08:00
Christoph Kerschbaumer
b88b7049eb
Bug 1099296 - Attach LoadInfo to remaining callers of ioService and ProtocolHandlers - in security/ (r=keeler)
2015-02-17 10:09:40 -08:00
Carsten "Tomcat" Book
e2399947f4
Merge mozilla-central to mozilla-inbound
2015-02-16 16:14:51 +01:00
Carsten "Tomcat" Book
08fafcb3e2
merge mozilla-inbound to mozilla-central a=merge
2015-02-16 15:59:56 +01:00
ffxbld
99b5f33384
No bug, Automated HPKP preload list update from host bld-linux64-spot-1093 - a=hpkp-update
2015-02-14 03:21:57 -08:00
ffxbld
c9826729b7
No bug, Automated HSTS preload list update from host bld-linux64-spot-1093 - a=hsts-update
2015-02-14 03:21:55 -08:00
Masatoshi Kimura
eb132d66f6
Bug 1131880 - Modify the condition to disallow PR_CONNECT_RESET_ERROR on fallback. r=keeler
2015-02-16 20:03:06 +09:00
Masatoshi Kimura
7e78ba3eec
Backout 9507662057de (bug 1130670) and c731517a47e8 (bug 1124039) due to compatibility issues
2015-02-16 19:55:15 +09:00
Mike Hommey
6786219e1f
Bug 1120937 - Properly initialize string fields from the PKCS#11 test module. r=keeler
...
The string fields need to be padded with spaces, according to what
PK11_MakeString does to find the end of the string.
While here, factor all the string manipulations in the test module and
use some C++ template magic to do the right thing.
This changes the static asserts from (with clang):
pkcs11testmodule.cpp:45:3: error: static_assert failed
"TestManufacturerID too long - make it shorter"
static_assert(sizeof(TestManufacturerID) <= sizeof(pInfo->manufacturerID),
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
to:
pkcs11testmodule.cpp:46:3: error: static_assert failed
"DestSize >= SrcSize - 1"
static_assert(DestSize >= SrcSize - 1, "DestSize >= SrcSize - 1");
^ ~~~~~~~~~~~~~~~~~~~~~~~
pkcs11testmodule.cpp:58:3: note: in instantiation of function
template specialization 'CopyString<32, 63>' requested here
CopyString(pInfo->manufacturerID, TestManufacturerID);
^
which actually gives more information than before: it gives the length of
both buffers.
2015-02-13 10:29:18 +09:00
Masatoshi Kimura
1b6561194e
Bug 1130670 - Remove dead code that tracks strongCipherStatus. r=keeler
2015-02-14 15:16:04 +09:00
Nicholas Nethercote
3a7b0a9f57
Bug 1131901 (part 1) - Make PL_DHashTableAdd() infallible by default, and add a fallible alternative. r=froydnj.
...
I kept all the existing PL_DHashTableAdd() calls fallible, in order to be
conservative, except for the ones in nsAtomTable.cpp which already were
followed immediately by an abort on failure.
--HG--
extra : rebase_source : 526d96ab65e4d7d71197b90d086d19fbdd79b7b5
2015-02-02 14:48:58 -08:00
Cykesiopka
d92c1180e0
Bug 1130405 - Remove unused pippki strings. r=jcj
2015-02-11 05:08:00 -05:00
Cykesiopka
edf6d8ff32
Bug 1130402 - Make use of currently unused certManager.dtd access key strings. r=jcj
2015-02-07 01:16:00 -05:00
Bob Owen
78f86d5dec
Bug 1132021 - Add a new sandbox level for Windows NPAPI to use USER_LIMITED access token level. r=bsmedberg, r=bbondy
2015-02-11 16:25:43 +00:00
Cykesiopka
2c768c2db6
Bug 1131475 - Make sure reference to "unable_to_toggle_fips" bundle key is in the correct case. r=jcj
2015-02-11 05:05:00 -05:00
Andrew McCreight
31ba9aaed9
Bug 1131199, part 2 - Make PLDHashtInitEntry infallible. r=froydnj
...
Also, drop the unused table argument.
2015-02-11 09:46:40 -08:00
Andrew McCreight
6ec7fe58dd
Bug 1131199, part 1 - Allocation of CompareCacheHashEntryPtr::entry is infallible. r=froydnj
2015-02-11 09:46:40 -08:00
Brian Smith
7755422e90
Bug 1102195 Part 4: Re-apply - Change a non-conforming usage of a const value type to a non-const value type, which VS2015 rightly rejects, r=bobowen
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/c827c112df81
2015-01-07 23:28:51 -08:00
Bob Owen
931cf70b78
Bug 1102195 Part 3: Re-apply logging changes to the Chromium interception code. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/0f763c186855
2014-11-29 17:12:18 +00:00
Bob Owen
09607f7c35
Bug 1102195 Part 2: Re-apply pre-vista stdout/err process inheritance change to Chromium code after merge. r=tabraldes
...
Originally landed as changset:
https://hg.mozilla.org/mozilla-central/rev/f94a07671389
2014-11-18 15:11:47 +00:00
Bob Owen
a887f0edbd
Bug 1102195 Part 1: Update Chromium sandbox code to commit df7cc6c04725630dd4460f29d858a77507343b24. r=aklotz, r=jld
2015-02-11 08:22:02 +00:00
Brian Smith
a89b90ea7f
Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
...
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
2015-02-07 12:14:31 -08:00
Nicholas Nethercote
63e3218e4c
Back out changesets 2fcef6b54be7, 2be07829fefc, 66dfe37b8532, df3fcd2be8fd, 0a436bce77a6 (bug 1050035) for causing intermittent crashes and assertion failures.
...
--HG--
extra : rebase_source : eb30be83c3143c6c203585a80a18f180025efaba
2015-02-10 14:39:49 -08:00
Brian Smith
b0f87b9b6c
Bug 1122841, Part 2: Centralize checking of public key, r=keeler
...
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
2015-02-02 16:17:08 -08:00
Brian Smith
dbc534e182
Bug 1122841, Part 1: Add PositiveInteger parser, r=keeler
...
--HG--
extra : rebase_source : 50d79951398e44bf2718c0f071962aa00660fec2
2015-02-06 18:21:20 -08:00
Brian Smith
1bb835dbca
Bug 1128413, Part 4: Fix warnings in mozilla-config.h and gcc-stl-wrapper.template.h, r=glandium
...
--HG--
extra : rebase_source : 7ba4fb8a0bd11648908e2790e86ce3bb4517aeb7
2015-02-02 17:35:19 -08:00
Brian Smith
3920fcd650
Bug 1128413, Part 3: Enable more compiler warnings, r=mmc
...
--HG--
extra : rebase_source : 2d17605e6b9296b74493526e052b771be18d4260
2015-02-07 14:38:40 -08:00
Brian Smith
6254cc408e
Bug 1128413, Part 2: Don't use double underscores any more
...
--HG--
extra : rebase_source : 5f550089aea320231ca2398126fc7f03e5dffc37
2015-01-31 19:51:46 -08:00
Brian Smith
a4ceeff7d4
Bug 1128413, Part 1: Fix switch-related warnings, r=mmc
...
--HG--
extra : rebase_source : 3d70c2a4ae8f9705a8a2c56c2f49e50fe4711ea9
2015-02-02 14:21:27 -08:00
Masatoshi Kimura
83c11c2359
Bug 1124039 - Enable RC4 only if ClientHelloVersion <= TLS 1.0. r=keeler
2015-02-10 22:29:51 +09:00
Cykesiopka
500d8c1041
Bug 897690 - Remove misleading error message from AppendErrorTextUntrusted. r=dkeeler
...
--HG--
extra : rebase_source : b232fa770189e40916ca60a18c6b12c24d2a77dd
2015-02-09 03:50:00 +01:00
Bob Owen
a6f34cc0d5
Bug 1129369 Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
Bob Owen
70afa43d6f
Bug 1129369 Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
Bob Owen
1a190016de
Bug 1129369 Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes
2015-02-10 09:06:59 +00:00
Nicholas Nethercote
242708cf72
Bug 1127201 (attempt 2, part 1) - Replace most NS_ABORT_IF_FALSE calls with MOZ_ASSERT. r=Waldo.
...
--HG--
extra : rebase_source : 488e401ff87e31a2074c4108c4df0572d9536667
2015-02-09 14:34:50 -08:00